AZL-69140 CVE-2025-58186 affecting package msft-golang 1.24.13-1

🗓️ 29 Oct 2025 23:16:19Reported by GoogleType

osv

osv🔗 osv.dev👁 2 Views

AZL-69140 CVE-2025-58186 exposes memory exhaustion in msft-golang 1.24.13-1 via many small cookies.

Reporter	Title	Published	Views	Family All 565
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in IBM MQ Operator and Queue manager container images	9 Feb 202611:57	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Guardium Data Security Center is affected by multiple vulnerabilities	23 Jan 202620:43	–	ibm
IBM Security Bulletins	Security Bulletin: IBM App Connect Enterprise Certified Container is vulnerable to denial of service and loss of confidentiality due to several findings in Golang binaries	19 Dec 202515:28	–	ibm
IBM Security Bulletins	Security Bulletin: Memory Exhaustion via Excessive Cookies in HTTP Servers, affects watsonx.data	7 Apr 202610:59	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple secuirty vulnerabilies addressed with IBM Business Automation Workflow containers January 2026	30 Jan 202617:17	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities affect IBM watsonx Orchestrate with watsonx Assistant Cartridge	22 Jan 202602:58	–	ibm
Tenable Nessus	Amazon Linux 2023 : golang, golang-bin, golang-misc (ALAS2023-2025-1239)	28 Oct 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : runfinch-finch (ALAS2023-2025-1270)	11 Nov 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : amazon-ecr-credential-helper (ALAS2023-2025-1271)	11 Nov 202500:00	–	nessus
Tenable Nessus	Amazon Linux 2023 : containerd, containerd-stress (ALAS2023-2025-1272)	11 Nov 202500:00	–	nessus

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-58186

21 Apr 2026 04:38Current

7.2High risk

Vulners AI Score7.2

CVSS 3.15.3

EPSS0.00041

SSVC

memory exhaustion many cookies tiny cookies http headers msft golang security vulnerability